Disclaimer: I presume this is about the recent push to disable SSL3/TLS1.0 (Enhancement 941333:[Security] TLS firedrill, disable SSL3/TLS1.0). I not 100% confident with below statements - developer comment wanted.

If SSL3/TLS1.0 is disabled, the outcome will depend on eB version and the protocol used by eB Web to communicate with eB Core Server: * If eB v15.6 or earlier, then it should have no effect. * If eB v16.1-16.6 then it will work/fail depending on primary transport protocol used by eB Core server. TCP protocol(default) will continue working but HTTPS(optional) will fail - eB server won't communicate with eB Web. * If eB v16.7.1-16.7.14 then eB server won't communicate with eB Web as it is HTTPS-only. * eB v16.7.15 and later supports TLS1.1+. Encryption of higher degree will be used for communitcation over HTTPS if SSL3/TLS1.0 is disabled.

Lambert Brink in reply to Dainius Pavilonis

This is mostly accurate - it'll depend on exactly what gets modified around TLS/SSL, I'd say the behavior in some earlier eB versions are undefined because whatever settings are being changed here wouldn't have been tested for in the past so the applications may break.

The one statement we can make is 16.7.15 and later supports TLS1.1-1.2.

I have proceeded with turning off the below protocols ciphers and Key Exchange Algorithms because there are out off date, and I left TLS 2.1 on. But this has made the websites inaccessible, I had to turn them back on. We are currently using EB: 16.6.1.115. I guess this is what Lambert was referring to.